Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1725 | 1 Microsoft | 1 Bot Framework Software Development Kit | 2021-01-15 | 2.1 LOW | 5.5 MEDIUM |
| Bot Framework SDK Information Disclosure Vulnerability | |||||
| CVE-2021-1650 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-01-15 | 7.2 HIGH | 7.8 HIGH |
| Windows Runtime C++ Template Library Elevation of Privilege Vulnerability | |||||
| CVE-2021-1646 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-01-15 | 7.2 HIGH | 7.8 HIGH |
| Windows WLAN Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1712 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2021-01-15 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1719. | |||||
| CVE-2021-1649 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-15 | 7.2 HIGH | 7.8 HIGH |
| Active Template Library Elevation of Privilege Vulnerability | |||||
| CVE-2018-18689 | 13 Apple, Avanquest, Foxitsoftware and 10 more | 20 Macos, Expert Pdf Ultimate, Pdf Experte Ultimate and 17 more | 2021-01-15 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Reader, PDF Architect 6, PDF Editor 6 Pro, PDF Experte 9 Ultimate, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, PDF-XChange Editor and Viewer, Perfect PDF 10 Premium, Perfect PDF Reader, Soda PDF, and Soda PDF Desktop. | |||||
| CVE-2021-1655 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-14 | 7.2 HIGH | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693. | |||||
| CVE-2021-1652 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-14 | 7.2 HIGH | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693. | |||||
| CVE-2021-1653 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-14 | 7.2 HIGH | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693. | |||||
| CVE-2021-1654 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-14 | 7.2 HIGH | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693. | |||||
| CVE-2018-16042 | 5 Adobe, Apple, Iskysoft and 2 more | 8 Acrobat Dc, Acrobat Reader Dc, Reader and 5 more | 2021-01-14 | 6.4 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2021-1716 | 1 Microsoft | 8 365 Apps, Office, Office Online Server and 5 more | 2021-01-14 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1715. | |||||
| CVE-2021-1714 | 1 Microsoft | 7 365 Apps, Excel, Excel Services and 4 more | 2021-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1713. | |||||
| CVE-2021-1643 | 1 Microsoft | 1 Hevc Video Extensions | 2021-01-14 | 9.3 HIGH | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1644. | |||||
| CVE-2020-24003 | 1 Microsoft | 1 Skype | 2021-01-14 | 2.1 LOW | 3.3 LOW |
| Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skype Client's microphone and camera access. | |||||
| CVE-2021-1637 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2021-01-14 | 2.1 LOW | 5.5 MEDIUM |
| Windows DNS Query Information Disclosure Vulnerability | |||||
| CVE-2021-1636 | 1 Microsoft | 1 Sql Server | 2021-01-14 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SQL Elevation of Privilege Vulnerability | |||||
| CVE-2018-18688 | 11 Apple, Code-industry, Foxitsoftware and 8 more | 16 Macos, Master Pdf Editor, Foxit Reader and 13 more | 2021-01-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader. | |||||
| CVE-2021-1060 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2021-01-14 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-1058 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2021-01-14 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||